Security Images component can help alleviate these problems by incorporating captcha images into your content, which helps to identify "humans" from "non humans".

Security Images seamlessly integrates into the core areas such as contacts and user registration/password reset, and is integrated with many more 3rd party components such as custom form components, forums, and so forth.

Installing Security Images is quite simple, once it's installed you just choose which images or types of captcha field you would like to use, and before you know it, you've got a captcha field!  The slight disadvantage is that you need to update your Security Images patches with each Joomla! update, so it's a bit of a drain on resources if you support a lot of sites.

There are also a whole range of other captcha systems that can be used, perhaps the most popular is ReCaptcha.  Plugins exist for almost all components, allowing seamless integration with most Captcha systems, so it's well worth making sure you find one that suits your needs.  Don't forget to cater for people who can't see the captcha - whether this is due to visual difficulties or just a poor display screen, you need to have an audio version available to read the captcha image.

Another useful extension is EasySpamKiller - this will monitor all submissions to your site, via your registration (front and back end), contact form, etc.  There are also plugins for components such as SOBI.

The beauty of this component is that it checks the IP address, Username and Email addresses against blacklists held by Project Honeypot and it does this SILENTLY.  No captcha to complete, no fuss. 

In our experience this system works far more efficiently than a Captcha based system, because believe it or not some people are actually paid to go through and submit forms and message board threads, so they will easily overcome the captcha-based system.  This system checks their IP address, Username and Email address against a list of known spammers, and acts accordingly.

You can even help Project Honeypot by setting up your own "honeypot" to catch the spammers out.

There is also a plugin for protecting your forums which queries Stop Forum Spam. 

If you use EasySpamKiller you probably want to modify the page that your users are sent to when they trigger the alarm - this file is called die_loud.php and is under plugins>easy>easyspamkillerhelper>templates.